Patrizio,
Unfortunately we don't have audit records written for SCIM operations - that probably would have been the best answer. If you think this would be the right answer then please create a "Request for Enhancement" to register this requirement.
https://www.ibm.com/developerworks/rfe/?PROD_ID=1575As already discussed, HTTP request log gives some information but not enough to really know what changes were made.
I can think of two ideas:
1. Enable auditing in whatever directory server actually stores the users and groups. If you BIND to this with a specific user when doing SCIM operations then perhaps you could filter based on that to get just the SCIM operations.
2. Create a "proxy" HTTP service (your own or something in JavaScript using the AAC) which writes audit records before forwarding the requests to the "real" SCIM endpoint. I'm not sure how easy this would be - just an option.
Jon.
------------------------------
Jon Harry
Consulting IT Security Specialist
IBM
------------------------------
Original Message:
Sent: Tue June 08, 2021 04:30 AM
From: Patrizio
Subject: SCIM Logging
Thanks Joao,
in reverse proxy logs i can find requests but not the payload, so it's not possible to understand what operation was done on the data.
I know there are several log verbosity settings for trace logs, but my aim would be to keep track of all the operations performed through this interface.
Thanks
------------------------------
Patrizio Spadavecchia
Original Message:
Sent: Mon June 07, 2021 05:36 PM
From: Joao Goncalves
Subject: SCIM Logging
You have more options. Instead of using ALL, you can control the level of logging with other options. For example FINEST, FINE, etc.
Regarding the operations carried out, I am not sure what you want, but you the scim REST API, are http requests, so if that is what you need, you may find these also in the reverse proxy logs.
------------------------------
Joao Goncalves
Pyxis, Lda.
+351 91 721 4994
Original Message:
Sent: Mon June 07, 2021 06:04 AM
From: Patrizio Spadavecchia
Subject: SCIM Logging
.